If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

Bypass Lotus Domino password protected url

A security vulnerability has been found in the popular Lotus Domino Web server.
Lotus Domino have files like webadmin.nsf, log.nsf and names.nfs, this files
are protected by password. It is discover that is posible to bypass this password
if you create a malformed url.

Notes Databases '.nsf' like webadmin.nsf or log.nsf are store in "lotus/domino/
data/" directory nas Notes Templatesi '.ntf' are store in the same place (Here
is the goal).

I was thinking. Wonder if IBM is going to change it's Lotus line up now that it is embracing Linux on a large scale in it's new line up of servers?
Anyway. Lotus has always been better than Exchange in many respects. At one point IBM could have had more great products. The SmartSuit Millinium Edition office package was realy nice and worked well. As well, the Notes client is fairly robust. It seems IBM is always at the forefront of new technology, or has a good long term product. Then for some unknown reason. Thay always drop the ball. MS is a good example. Big Blue got the shaft from them early on and helped seat MS in the posistion it is today. Go figure.